Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
File: 5b8eca1c-0001-4580-9357-36838b685542.roa (raw, json)
Hash identifier: qWE9VbgSYnHEMxvPIbjpsq5u8sL61Z9C/1dsEvAj/hU=
Subject key identifier: 02:4A:A3:2D:2C:D5:8B:DF:5C:47:A1:7F:1A:36:01:9A:10:FA:E7:3F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4793B3FF183151B5DF11CB5C272889E01F87F58F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
Signing time: Mon 06 Oct 2025 18:10:29 +0000
ROA not before: Mon 06 Oct 2025 18:10:29 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:93:b3:ff:18:31:51:b5:df:11:cb:5c:27:28:89:e0:1f:87:f5:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:29 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=9fca76eec05e04dcc5e1caf9bf755450cd6c2a26d80730aa190b498cda9cf51f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:78:c9:3e:0d:8c:17:52:56:bc:3d:bf:29:20:
16:5e:c7:2e:60:77:a0:f5:0d:6e:08:23:28:9a:b1:
17:48:e0:0d:0e:55:d8:ec:26:06:b4:9a:a4:f4:53:
bd:20:29:13:47:6f:6d:e5:b5:a8:71:7d:3b:61:f0:
60:65:ae:ca:67:36:c5:87:af:6f:5f:91:d4:5c:29:
68:d6:2a:bc:63:fc:d9:b7:15:54:b3:77:29:60:8f:
2b:b4:b0:b7:87:c4:26:d8:e4:33:7d:3a:e2:14:84:
6f:1c:c4:47:14:6d:c3:95:8d:25:90:db:52:19:75:
f1:99:22:aa:9c:91:9b:30:e0:ee:ee:f1:3b:cd:cb:
23:ba:f9:6d:53:da:bf:a9:6d:29:13:55:21:a2:e1:
bb:e8:8a:03:85:e5:5e:91:23:b3:3b:57:61:f7:95:
23:7d:1a:46:ab:72:a1:ad:9d:f5:e9:d2:d2:bd:6e:
db:3b:0d:4b:1a:ac:f5:8f:89:3e:dc:fc:64:ae:da:
c7:c2:0e:49:cd:a6:f6:ae:53:1e:40:04:72:89:7d:
80:4d:66:8c:38:96:60:cc:36:57:86:b9:f9:67:62:
af:96:e4:de:f2:d7:1a:8c:3b:e8:76:57:1a:af:1b:
2a:79:ae:53:cc:3f:ad:0b:07:c8:d2:25:0e:9d:75:
73:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:4A:A3:2D:2C:D5:8B:DF:5C:47:A1:7F:1A:36:01:9A:10:FA:E7:3F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:9f:fe:cb:60:98:fd:de:5b:fe:4f:60:e5:0a:3f:ca:99:a3:
1b:c6:16:cf:d9:1c:57:35:df:db:33:53:bb:b1:f8:71:05:e2:
f8:cd:69:6f:86:d5:5d:c1:9b:7f:68:98:cf:0b:a5:4f:e2:47:
c9:05:aa:aa:f7:7e:df:68:bb:92:b9:29:27:e1:b7:6e:84:e8:
7b:ea:03:9f:68:df:62:92:5d:25:4a:cd:bf:9b:c4:8f:45:5e:
50:0d:9e:ee:eb:fc:a7:64:aa:8c:5f:28:24:54:bc:4e:3e:39:
42:ee:73:c8:04:49:f4:c5:c0:b1:21:e0:d6:62:f7:86:1a:02:
4f:b8:45:b2:23:d8:e4:70:3f:d8:14:97:61:39:b4:b1:a2:d7:
7e:ac:1e:f0:26:ee:b5:c6:1c:ce:b0:ca:4e:ba:c6:3a:cb:27:
50:e7:a5:d4:ff:34:ad:fa:bd:7a:98:e7:b9:28:e8:07:67:94:
12:1c:c3:67:44:61:02:89:9e:9d:e8:22:5d:d9:c2:94:bb:b9:
96:68:bb:24:ab:c7:22:50:b4:2b:55:25:bc:f3:06:82:84:68:
f8:e1:fa:47:d0:50:ac:75:e6:6b:98:34:0e:87:ad:a7:10:e7:
e1:05:3b:9f:30:80:0f:d5:86:2c:93:23:bc:62:86:78:cb:26:
81:6a:04:4e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUR5Oz/xgxUbXfEctcJyiJ4B+H9Y8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMjlaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDlmY2E3NmVlYzA1ZTA0ZGNjNWUxY2FmOWJmNzU1NDUwY2Q2YzJhMjZkODA3
MzBhYTE5MGI0OThjZGE5Y2Y1MWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM94yT4NjBdSVrw9vykgFl7HLmB3oPUNbggjKJqxF0jgDQ5V2OwmBrSapPRT
vSApE0dvbeW1qHF9O2HwYGWuymc2xYevb1+R1FwpaNYqvGP82bcVVLN3KWCPK7Sw
t4fEJtjkM3064hSEbxzERxRtw5WNJZDbUhl18ZkiqpyRmzDg7u7xO83LI7r5bVPa
v6ltKRNVIaLhu+iKA4XlXpEjsztXYfeVI30aRqtyoa2d9enS0r1u2zsNSxqs9Y+J
Ptz8ZK7ax8IOSc2m9q5THkAEcol9gE1mjDiWYMw2V4a5+Wdir5bk3vLXGow76HZX
Gq8bKnmuU8w/rQsHyNIlDp11c2MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQCSqMt
LNWL31xHoX8aNgGaEPrnPzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWI4ZWNhMWMtMDAwMS00NTgwLTkzNTctMzY4MzhiNjg1NTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQBwn/7LYJj93lv+T2DlCj/KmaMbxhbP2RxXNd/bM1O7
sfhxBeL4zWlvhtVdwZt/aJjPC6VP4kfJBaqq937faLuSuSkn4bduhOh76gOfaN9i
kl0lSs2/m8SPRV5QDZ7u6/ynZKqMXygkVLxOPjlC7nPIBEn0xcCxIeDWYveGGgJP
uEWyI9jkcD/YFJdhObSxotd+rB7wJu61xhzOsMpOusY6yydQ56XU/zSt+r16mOe5
KOgHZ5QSHMNnRGECiZ6d6CJd2cKUu7mWaLskq8ciULQrVSW88waChGj44fpH0FCs
deZrmDQOh62nEOfhBTufMIAP1YYskyO8YoZ4yyaBagRO
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:52:46 2025 by rpki-client